Sun EEPROM Security

Published   Read time 1 min 31 sec(s)   (2420 views).  Security  

On Sun workstations and servers you can interact with the boot EEPROM (NVRAM) at any time by holding down the STOP (L1) key and pressing the A key. If you're using a dumb terminal as the console the BREAK key has the same effect. You can remove this feature from the kernel, but otherwise, it's there for anyone to use or abuse. This chip stores the configuration information for the machine, including the hostid and the ethernet address.

Mark Henderson's change-sun-hostid package provides a lot of useful information about Sun NVRAMs, including how to change the hostid and how to recover should the NVRAM battery fail. It can be found at: http://www.squirrel.com/squirrel.

Using STOP-A, or break, anyone can interrupt your machine and reboot from CDROM or their disk, and have complete access to your files. To help prevent this you should password protect your EEPROM. You are allowed 3 levels of EEPROM security, none-secure, command-secure, and fully-secure.

  • none-secure -- The first one is the default, i.e. no security. Anyone can issue any command at the EEPROM prompt.
  • command-secure -- With this setting a password would have to be used to boot from anything other than the default device.
  • fully-secure -- Is the most secure option, where the password has to be supplied to boot in all cases.

The EEPROM password is different from the OS password. Should you forget your EEPROM password you won't be able to change it unless you have access to the running system; from there you can use the eeprom command to reset any EEPROM parameters. So whatever you choose for this password, make sure it's easy to remember or you might just lock yourself out of your machine. In which case, you might have to buy a new EEPROM (which in some cases involves swapping the CPU).